1. Technical Field of the Invention
This invention relates to communication networks. More particularly, it relates to monitoring and analyzing any communications network, whether public, private, value add, Internet, or any combination thereof, for the purpose of determining the location of remote devices attached or attaching to that network.
2. Background Art
Managers of information systems for public and private enterprises are required to provide ever-increasing network access to their information systems for remote users. As the business requirement for remote connection to information systems across private and public networks grows, difficulties in maintaining security and adequate performance increase in lock step.
In the current art, security is achieved by means of smart cards, physical verification, passwords, encryption, and fire walls. Smart card security works much in the way that a particular key opens a particular lock. Physical possession of the card enables the user to operate a remote workstation and access applications on a server. Physical verification security is implemented by means of requiring the scanning of physiological characteristics of a user (such as the iris of the eye or a thumb print) and requiring that these scanned characteristics match stored values in order for further use of the system to be allowed. Password security for systems and applications requires a user to enter a valid user ID together with a corresponding password consisting of a confidential alphanumeric sequence before access to the resource is allowed. Encryption security works by having a device at each side of a connection encode all transmitted data and decode all received data according to an algorithm set by an encryption key. Without the proper, matched encryption key, the two sides cannot communicate. Firewall security is implemented by network connected devices that examine packets and determine whether to allow the packets to pass depending on whether the origin device and application are allowed to communicate with the target device and application.
While each of these security techniques is effective, none is foolproof. A smart card, password, or encryption key can be stolen or replicated. Physiological scans can be compromised by subversion of the database or by mimicry, or the person with the required physical characteristics can be kidnapped and coerced into connecting to the system. And fire walls can be bypassed by mimicry or subversion of the router's tables. For these reasons, organizations often use a plurality of these techniques in combination to protect their proprietary systems.
In many cases, an organization can expect that a particular user will be connecting to a particular application from a particular location or set of locations, and not from certain other locations. As an example, there are foreign countries that the Department of State of the United States either discourages or forbids citizens of the United States to visit. So it might be very unusual for access to certain computer systems in the United States to be allowed from those countries. Or, a secured application might be intended to be accessed by staffs only in a few secured locations, and from nowhere else. Moreover, an organization might want to record the actual location of all users accessing a particular application simply as an audit point and as a means of assisting in identifying who actually was connected. Such proof of connection might serve a purpose similar to the use of video recording equipment at automatic teller machines and other such facilities.
Aside from use of fire walls, the security techniques noted above do not generally apply to public-access systems, such as web sites. For example, anyone can access the IBM Corporation web site to obtain product information without requiring a thumb print, password, encryption key, or smart card. General public access to web sites is desirable as an inducement to increase business. However, as with all open-to-the-general-public systems, some visitors have malevolent intent, such as to disrupt the web site (e.g., DoS, or denial of service attacks) or to break into proprietary systems by using the publicly accessible system as an entry point. It would thus be useful to be able to determine the actual location of remote users of both secured-private and open-public computer systems in order to facilitate identification of possible interlopers for security purposes. Such identification can be used either to prevent the interlopers from gaining access to the systems or to assist with the identification of interlopers after the fact, since the current security arts of passwords, encryption, physiological scanning, smart cards, and fire walls cannot always be employed, and when they are employed, they are not foolproof. Moreover, none of these methods can be used readily for after-the-fact location or identification of interlopers.
In addition to enabling implementation of new forms of system security, knowing the distance between systems can enable intelligent allocation of resources as well as dynamic tuning for the purpose of improving performance. Currently, in cases in which a service can be provided by multiple resources, systems either allocate a resource for a particular connection based upon round robin alternation (e.g., various implementations of router and communication controller link selection), a table entry (e.g., System Network Architecture class of service subarea route selection), or else on the basis of transmission of a test packet to each possible server, with the first server responding being the one selected for the connection (e.g., token ring network source route bridge path selection, and IBM Network Dispatcher's server selection software). Another resource optimization technique is exemplified by OSPF (Open Shortest Path First) router path selection, which selects network paths on the basis of least number of hops, end-to-end. While OSPF uses a least number of hops algorithm, this does not imply that the path with the least physical distance is selected, because physical distance is not known and is not a consideration.
For currently available work-allocation schemes for network attached devices, no method is available that computes physical distance, so physical distance is not currently a consideration in connection setup algorithms. The ability to calculate physical distance and apply the result to connection setup would be beneficial for at least the following reasons:
(1) Public Application Service Providers (ASPs) provide geographically dispersed web services by means of computer servers located at diverse points at the edge of the Internet. For ASP providers, it would be desirable to know the physical distance between each available server and each connecting user at least to be able to consider physical proximity in the determination of which server will be selected for each connection.
(2) Private application services intended for use only within an organization are increasingly being dispersed over multiple machines because of regulatory requirements (such as SEC requirements for brokerage services to be backed up at another site within four hours of a disaster) or simple business prudence. Once an organization creates backup facilities, it is often prudent to run applications at each service point rather than leave one dormant as a standby. This is because hardware and software problems are unrecognizable in a dormant system, and trying to bring up a recovery system in the face of a disaster while trying to deal with previously undiagnosed hardware and software problems is a major impediment to recovery. With increasing use of technology in which data is mirrored across remote datacenters (such as IBM's Geographically Dispersed Parallel Sysplex technology) it is becoming more common to find one application (for example, order entry) running on physically distant machines. In all cases in which users may connect to identical services provided by multiple, geographically dispersed servers, it is desirable to know the physical distance between each connecting device and each potential server when deciding which server should be selected for the connection.
Heretofore, systems for tuning or optimizing a connection between devices in a data communications network do not involve consideration of the location of the target device. There is a need in the art for a system and method for determining the physical location of devices across multihop communications links using communications network commands.
When considering methods for determination of physical location, the Global Positioning System (GPS) must be mentioned. In the GPS system, radio signals transmitted from multiple satellites in earth orbit are collected by receivers, and a form of triangulation analysis is employed by the receiver to calculate the precise location of the receiver. In order for a GPS receiver to be able to perform its calculations, the receiver must employ an almanac-type database from which satellite location can be determined. Since calculation of the location of the receiver is based on the receiver's position relative to a set of satellites, the GPS receiving system must work from precise satellite location, and this process requires a very high degree of time clock coordination. The location calculation process also requires updates known as "ephemeris constant corrections" which are employed to adjust calculations for changing conditions in the ionosphere and troposphere that affect signal propagation from the GPS satellites through the earth's atmospheric layers (e.g., see http://iono.jpl.nasa.gov//latest.html for NASA's realtime North America ionosphere total electron count map).
GPS is not currently used for security and performance enhancements in computer networks, and such use would be inhibited by at least the following factors. First is cost. GPS receivers would have to be employed on all devices requesting connection to networks for service. Since a major purpose of ensuring top performance is to optimize use of resources so that costs can be minimized, requiring a significant investment in added equipment to ensure performance is self-defeating. Second, from the security perspective, assuming devices connecting to a network were outfitted with GPS receivers, each such device connecting to the network would then have to report its location to some entity which could then determine whether the reporting device meets security requirements for connection. This would be fraught with the peril that the reporting device might alter the location information it transmits so as to appear to be a legitimate requester of service when in truth it is not. Third, most computer users are located in facilities in which satellite and other transmissions are either not available or are perturbed. For example, GPS working groups are currently studying ways of improving GPS accessibility and accuracy, as described in the introduction of the paper "Improving GPS Coverage: Indoors and Downtown," delivered at the 2001 ION GPS Conference:
"The Global Positioning System (GPS) is a widely acknowledged success story. For over 20 million users it provides worldwide position fixing, in all weather, at all times of day. It provides this service to users at sea, in the air and in space. In general, these users have a clear view of the sky and can receive all satellites in view with little difficulty. These fortunate users enjoy position-fixing accuracies of 10 meters or better. With differential corrections, they can obtain accuracies of better than 1 meter."
"To date GPS has struggled to serve users in cities or other environments with obstructions. These users may not be able to receive signals from the four satellites required for three-dimensional position fixing. Indoors, the user may struggle to find a clear sight line to just one satellite. Yet these urban and indoor users also need to know where they are. For example, emergency (E-911) callers would like to automatically deliver their estimated position when they call for help. When they place an emergency call they are under stress and may be unable to provide a clear and accurate description of their location."
("Improving GPS Coverage: Indoors and Downtown," Per Enge, Stanford University; Rod Fan and Anil Tiwari, @Road, Inc.; Andrew Chou, Wallace Mann, Anant Sahai, Jesse Stone and Ben Van Roy, Enuvis, Inc.; presented at the ION GPS Proceedings, 2001.)
This text helps illustrate the fundamental challenges GPS would face in computer and network applications. First, GPS does not work well indoors (especially computer rooms) because of line of sight, poor signal-to-noise ratio, and other receiving problems. Second, GPS requires the receiver to collect multiple satellite transmissions and then either calculate its own position and report it to any other interested party or else (potentially) to forward the received satellite transmission data to some other entity for location analysis, which means that a remote system would be responsible for reporting its own location, which leaves open the security risk of deliberate misrepresentation. These factors, together with the cost of installing GPS prolifically and managing the GPS receivers would make it very difficult for GPS to play a significant role in networked computer security and performance applications.
It should also be noted that the mathematics inherent in the system and method of GPS is based on line of sight visibility and speed of light radio transmission. This can be characterized as a "point-to-point" connection. Any system or method for using the non-line of sight communication media commonly used by computer networks, such as the copper and fiberoptic cables comprising the Internet, corporate, government, and telephone company networks, must account in its mathematical foundation for the speed degradation imposed by the networks' routers. By this it is meant that an individual network packet traveling across 'n' router-connected hops of identical speed will be serialized at a rate of only 1/n when compared with a packet of the same length traveling over a single hop of that speed. In GPS, the line of sight based radio transmission through the atmosphere is a single hop system. Communication networks, including the Internet, are copper and fiber cable-based systems with interspersed routers that do not merely amplify signals, but collect, analyze, and retransmit packets. So unlike GPS, in which the atmospheric conditions and transmission signal speed between a receiver and each of the satellites is quite uniform, the communication networks connecting a target station to each of three or more test stations will generally differ markedly in number of hops and hop speeds. So the methodology and mathematics will differ for such systems, and the system and method for locating devices by network testing must mathematically and methodologically account for these differences.
It is an object of the invention to provide an improved system for determining the location of a remote system.
A system and method for determining the physical location of a target device. Using network commands, the distances of three test devices of known locations to the target device are determined; and responsive to those distances, the location of the target device is determined by triangulation.
In accordance with an aspect of the invention, there is provided a computer program product configured to be operable for determining the physical location of a target device by triangulation using network pinging and trace route executed by three test stations to determine distances from the test stations to the target device.
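The following is an added illustration, not part of the patent text, of the two steps the summary describes: converting a measured round trip and hop count into a distance estimate that removes the per-hop serialization described in the background, and then fixing the target's position from three test stations of known location. The delay model (one-way delay minus n store-and-forward serializations, times an assumed propagation speed of 200 km/ms) and the sample stations and measurements are constructed assumptions, not values from the patent.

```python
"""Distance from network round trips and a three-station position fix.

Assumed model (not from the patent): one-way delay = propagation delay +
n * (packet_bits / link_bps), i.e. the n-hop path is serialized n times,
the 1/n effect described in the background section. Because the test
stations take the measurements, the target never reports its own position.
"""
import math

# Signal speed in copper/fibre, roughly two thirds of c (assumed constant).
PROP_SPEED_KM_PER_MS = 200.0


def estimate_distance_km(rtt_ms, hops, packet_bits, link_bps):
    """Strip per-hop serialization from half the round trip, then convert the
    remaining propagation delay to kilometres. A negative remainder (hop
    overhead exceeds the measured delay) is clamped to 0 rather than
    producing a nonsensical negative distance."""
    one_way_ms = rtt_ms / 2.0
    serialization_ms = hops * packet_bits / link_bps * 1000.0
    propagation_ms = max(one_way_ms - serialization_ms, 0.0)
    return propagation_ms * PROP_SPEED_KM_PER_MS


def trilaterate(stations, distances):
    """Solve (x, y) from three station coordinates and their distances to the
    target. Subtracting the first circle equation from the other two removes
    the quadratic terms and leaves a 2x2 linear system, solved by Cramer's
    rule. Collinear stations give a zero determinant and no unique fix."""
    (x1, y1), (x2, y2), (x3, y3) = stations
    d1, d2, d3 = distances
    a1, b1 = 2 * (x2 - x1), 2 * (y2 - y1)
    c1 = d1**2 - d2**2 - x1**2 + x2**2 - y1**2 + y2**2
    a2, b2 = 2 * (x3 - x1), 2 * (y3 - y1)
    c2 = d1**2 - d3**2 - x1**2 + x3**2 - y1**2 + y3**2
    det = a1 * b2 - a2 * b1
    if abs(det) < 1e-9:
        raise ValueError("test stations are collinear; no unique fix")
    return (c1 * b2 - c2 * b1) / det, (a1 * c2 - a2 * c1) / det


if __name__ == "__main__":
    # Constructed sample: stations on a km grid, target actually at (30, 40).
    stations = [(0.0, 0.0), (100.0, 0.0), (0.0, 100.0)]
    dists = [50.0, math.sqrt(6500.0), math.sqrt(4500.0)]
    print("fix:", trilaterate(stations, dists))
    print("km:", estimate_distance_km(rtt_ms=20.0, hops=10,
                                      packet_bits=12000, link_bps=1e8))
```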
Other features and advantages of this invention will become apparent from the following detailed description of the presently preferred embodiment of the invention, taken in conjunction with the accompanying drawings.